HIPAA Omnibus: Guidance Coming

HHS to Issue Compliance Help for Providers, Business Associates
HIPAA Omnibus: Guidance Coming

The Department of Health and Human Services will issue a "suite" of guidance to help healthcare providers, business associates and patients better understand how to comply with the HIPAA Omnibus Rule, an HHS attorney says.

See Also: Reducing Complexity in Healthcare IT

"We are trying hard to get guidance out as soon as we can," says Iliana Peters, an attorney at HHS' Office for Civil Rights who worked on the team that crafted the final rule. That way, providers will be better able to comply in time for the Sept. 23 enforcement date for the rule, she notes. The rule went into effect March 26.

Peters, who made her comments April 25 during a panel discussion on HIPAA Omnibus sponsored by Microsoft and consumer advocacy group Patient Privacy Rights, says OCR has been working with other agencies, including the Office of the National Coordinator for Health IT, in developing the guidance.

In recent months, HHS has issued other compliance guidance related to the HITECH Act electronic health record incentive program and HIPAA, including privacy and security tips for mobile devices (see: HHS Offers Mobile Device Security Tips).

Although Peters didn't elaborate on the topics of the guidance, she says it will take into account questions that covered entities, consumers and business associates have asked OCR about the HIPAA Omnibus Rule, which includes extensive security, privacy and breach notification provisions.

During the process of writing the new rule, OCR eliminated some sections "to get it to a manageable size," Peters says. Some material that was cut will be included in the forthcoming guidance, she adds.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.